Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps(example): bump the dependencies group across 1 directory with 9 updates #3617

Closed
wants to merge 1 commit into from
Closed

deps(example): bump the dependencies group across 1 directory with 9 updates #3617

wants to merge 1 commit into from
+365 −124

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 20, 2025
edited
Loading

Bumps the dependencies group with 9 updates in the /examples/remix-express directory:

Package From To
@remix-run/express 2.16.0 2.16.2
@remix-run/node 2.16.0 2.16.2
@remix-run/react 2.16.0 2.16.2
isbot 5.1.23 5.1.25
@remix-run/dev 2.16.0 2.16.2
@types/express 5.0.0 5.0.1
@typescript-eslint/eslint-plugin 8.26.1 8.27.0
@typescript-eslint/parser 8.26.1 8.27.0
eslint-import-resolver-typescript 3.8.7 4.2.2

Updates @remix-run/express from 2.16.0 to 2.16.2

Release notes

Sourced from @​remix-run/express's releases.

v2.16.2

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2162

v2.16.1

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2161

Changelog

Sourced from @​remix-run/express's changelog.

2.16.2

Patch Changes

2.16.1

Patch Changes

Commits

Updates @remix-run/node from 2.16.0 to 2.16.2

Release notes

Sourced from @​remix-run/node's releases.

v2.16.2

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2162

v2.16.1

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2161

Changelog

Sourced from @​remix-run/node's changelog.

2.16.2

Patch Changes

2.16.1

Patch Changes

Commits

Updates @remix-run/react from 2.16.0 to 2.16.2

Release notes

Sourced from @​remix-run/react's releases.

v2.16.2

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2162

v2.16.1

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2161

Changelog

Sourced from @​remix-run/react's changelog.

2.16.2

Patch Changes

  • Fix shouldRevalidate behavior for clientLoader-only routes in ssr:true apps (#10527)
  • Updated dependencies:

2.16.1

Patch Changes

  • Fix Vite import analysis of @remix-run/react failing when the package is not marked as external (#10528)
  • Updated dependencies:
Commits

Updates isbot from 5.1.23 to 5.1.25

Changelog

Sourced from isbot's changelog.

5.1.25

  • [Pattern] Pattern update: Reduce complexity

5.1.24

  • [Pattern] Pattern update: Add generic pattern, remove some specific patterns
Commits
  • 3ebbeb9 [Pattern] Pattern update: Reduce complexity
  • d3bba7a [Pattern] Pattern update: Add generic pattern, remove some specific patterns
  • See full diff in compare view

Updates @remix-run/dev from 2.16.0 to 2.16.2

Release notes

Sourced from @​remix-run/dev's releases.

v2.16.2

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2162

v2.16.1

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2161

Changelog

Sourced from @​remix-run/dev's changelog.

2.16.2

Patch Changes

2.16.1

Patch Changes

  • When future.v3_routeConfig is enabled, fix errors evaluating routes.ts when multiple copies of @remix-run/dev are present (#10524)
  • Remove unused Vite file system watcher (#10510)
  • Fix Vite import analysis of @remix-run/react failing when the package is not marked as external (#10528)
  • Updated dependencies:
Commits

Updates @types/express from 5.0.0 to 5.0.1

Commits

Updates @typescript-eslint/eslint-plugin from 8.26.1 to 8.27.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.27.0

8.27.0 (2025-03-17)

🚀 Features

  • utils: support DeprecatedInfo for rule.meta.deprecated (#10932)

🩹 Fixes

  • deps: update eslint monorepo to v9.22.0 (#10952)
  • typescript-estree: fix span start for decorated AssignmentPattern function parameter (#10939)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.27.0 (2025-03-17)

🚀 Features

  • utils: support DeprecatedInfo for rule.meta.deprecated (#10932)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Commits
  • 3efd99e chore(release): publish 8.27.0
  • 342d98e feat(utils): support DeprecatedInfo for rule.meta.deprecated (#10932)
  • 7469e72 docs(eslint-plugin): [no-unnecessary-condition] mention array access as commo...
  • See full diff in compare view

Updates @typescript-eslint/parser from 8.26.1 to 8.27.0

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.27.0

8.27.0 (2025-03-17)

🚀 Features

  • utils: support DeprecatedInfo for rule.meta.deprecated (#10932)

🩹 Fixes

  • deps: update eslint monorepo to v9.22.0 (#10952)
  • typescript-estree: fix span start for decorated AssignmentPattern function parameter (#10939)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.27.0 (2025-03-17)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Updates eslint-import-resolver-typescript from 3.8.7 to 4.2.2

Release notes

Sourced from eslint-import-resolver-typescript's releases.

v4.2.2

Patch Changes

  • #397 14a7688 Thanks @​JounQin! - chore: bump rspack-resolver for better P'n'P support

    Now rspack-resolver resolves pnpapi natively.

v4.2.1

Patch Changes

v4.2.0

Minor Changes

  • #391 c8121e5 Thanks @​JounQin! - feat: make is-bun-module as optional peer dependency

    Technically this is a BREAKING CHANGE, but considering we just raise out v4 recently and this only affects bun users, bun --bun eslint even works without this dependency, so I'd consider this as a minor change.

    So for bun users, there are three options:

    1. install is-bun-module dependency manually and use bun: true option
    2. run eslint with bun --bun eslint w/o bun: true option
    3. enable run#bun in bunfig.toml w/o bun: true option

v4.1.1

Patch Changes

v4.1.0

Minor Changes

  • #387 ef5cd10 Thanks @​JounQin! - feat: add a new bun?: boolean option for bun users - close #386

    process.versions.bun is unavailable even with bun eslint due to its own design, but checking bun modules for non-bun users is incorrect behavior and just wasting time, so a new option is added for such case, you can still run with bun --bun eslint without this option enabled

v4.0.0

Major Changes

  • #368 2fd7c2e Thanks @​JounQin! - feat!: rewrite, speed up by using rspack-resolver which supports references natively under the hood

    BREAKING CHANGES:

    • drop Node 14 support, Node ^16.17.0 || >=18.6 is now required
    • alwaysTryTypes is enabled by default, you can set it as false to opt-out

... (truncated)

Changelog

Sourced from eslint-import-resolver-typescript's changelog.

4.2.2

Patch Changes

  • #397 14a7688 Thanks @​JounQin! - chore: bump rspack-resolver for better P'n'P support

    Now rspack-resolver resolves pnpapi natively.

4.2.1

Patch Changes

4.2.0

Minor Changes

  • #391 c8121e5 Thanks @​JounQin! - feat: make is-bun-module as optional peer dependency

    Technically this is a BREAKING CHANGE, but considering we just raise out v4 recently and this only affects bun users, bun --bun eslint even works without this dependency, so I'd consider this as a minor change.

    So for bun users, there are three options:

    1. install is-bun-module dependency manually and use bun: true option
    2. run eslint with bun --bun eslint w/o bun: true option
    3. enable run#bun in bunfig.toml w/o bun: true option

4.1.1

Patch Changes

4.1.0

Minor Changes

  • #387 ef5cd10 Thanks @​JounQin! - feat: add a new bun?: boolean option for bun users - close #386

    process.versions.bun is unavailable even with bun eslint due to its own design, but checking bun modules for non-bun users is incorrect behavior and just wasting time, so a new option is added for such case, you can still run with bun --bun eslint without this option enabled

4.0.0

Major Changes

... (truncated)

Commits
  • 288c53c chore: release eslint-import-resolver-typescript (#398)
  • 14a7688 chore: bump rspack-resolver for better P'n'P support (#397)
  • 0adca68 chore: release eslint-import-resolver-typescript (#395)
  • 9f11f6b fix: don't set empty configFile when no tsconfig found (#394)
  • 3b0edff chore: release eslint-import-resolver-typescript (#392)
  • 490ca12 docs: clarify this is a resolver not plugin
  • c8121e5 feat: make is-bun-module as optional peer dependency (#391)
  • 458fdaf chore: release eslint-import-resolver-typescript (#390)
  • 1b97d8a fix: should prefer module.isBuiltin when process.versions.bun available (...
  • 79a453b chore: release eslint-import-resolver-typescript (#388)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(example): bump the dependencies group across 1 directory with 9 …

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode
Loading
Loading status checks…
7d2a541 
…updates

Bumps the dependencies group with 9 updates in the /examples/remix-express directory:

| Package | From | To |
| --- | --- | --- |
| [@remix-run/express](https://github.com/remix-run/remix/tree/HEAD/packages/remix-express) | `2.16.0` | `2.16.2` |
| [@remix-run/node](https://github.com/remix-run/remix/tree/HEAD/packages/remix-node) | `2.16.0` | `2.16.2` |
| [@remix-run/react](https://github.com/remix-run/remix/tree/HEAD/packages/remix-react) | `2.16.0` | `2.16.2` |
| [isbot](https://github.com/omrilotan/isbot) | `5.1.23` | `5.1.25` |
| [@remix-run/dev](https://github.com/remix-run/remix/tree/HEAD/packages/remix-dev) | `2.16.0` | `2.16.2` |
| [@types/express](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express) | `5.0.0` | `5.0.1` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.26.1` | `8.27.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.26.1` | `8.27.0` |
| [eslint-import-resolver-typescript](https://github.com/import-js/eslint-import-resolver-typescript) | `3.8.7` | `4.2.2` |



Updates `@remix-run/express` from 2.16.0 to 2.16.2
- [Release notes](https://github.com/remix-run/remix/releases)
- [Changelog](https://github.com/remix-run/remix/blob/main/packages/remix-express/CHANGELOG.md)
- [Commits](https://github.com/remix-run/remix/commits/@remix-run/[email protected]/packages/remix-express)

Updates `@remix-run/node` from 2.16.0 to 2.16.2
- [Release notes](https://github.com/remix-run/remix/releases)
- [Changelog](https://github.com/remix-run/remix/blob/main/packages/remix-node/CHANGELOG.md)
- [Commits](https://github.com/remix-run/remix/commits/@remix-run/[email protected]/packages/remix-node)

Updates `@remix-run/react` from 2.16.0 to 2.16.2
- [Release notes](https://github.com/remix-run/remix/releases)
- [Changelog](https://github.com/remix-run/remix/blob/main/packages/remix-react/CHANGELOG.md)
- [Commits](https://github.com/remix-run/remix/commits/@remix-run/[email protected]/packages/remix-react)

Updates `isbot` from 5.1.23 to 5.1.25
- [Changelog](https://github.com/omrilotan/isbot/blob/main/CHANGELOG.md)
- [Commits](omrilotan/isbot@v5.1.23...v5.1.25)

Updates `@remix-run/dev` from 2.16.0 to 2.16.2
- [Release notes](https://github.com/remix-run/remix/releases)
- [Changelog](https://github.com/remix-run/remix/blob/main/packages/remix-dev/CHANGELOG.md)
- [Commits](https://github.com/remix-run/remix/commits/@remix-run/[email protected]/packages/remix-dev)

Updates `@types/express` from 5.0.0 to 5.0.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express)

Updates `@typescript-eslint/eslint-plugin` from 8.26.1 to 8.27.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.27.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.26.1 to 8.27.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.27.0/packages/parser)

Updates `eslint-import-resolver-typescript` from 3.8.7 to 4.2.2
- [Release notes](https://github.com/import-js/eslint-import-resolver-typescript/releases)
- [Changelog](https://github.com/import-js/eslint-import-resolver-typescript/blob/master/CHANGELOG.md)
- [Commits](import-js/eslint-import-resolver-typescript@v3.8.7...v4.2.2)

---
updated-dependencies:
- dependency-name: "@remix-run/express"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: "@remix-run/node"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: "@remix-run/react"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: isbot
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: "@remix-run/dev"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: "@types/express"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: eslint-import-resolver-typescript
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner March 20, 2025 07:05
@dependabot dependabot bot requested review from blaine-arcjet and e-moran March 20, 2025 07:05
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 20, 2025
@trunk-io Trunk.io
Copy link

trunk-io bot commented Mar 20, 2025

Merging to main in this repository is managed by Trunk.

  • To merge this pull request, check the box to the left or comment /trunk merge below.

Sorry, something went wrong.

@socket-security Socket Security
Copy link

New and updated dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@remix-run/[email protected]2.16.2 Transitive: network, shell, unsafe +363 303 MB chancestrickland, mjackson
npm/@remix-run/[email protected]2.16.2 None 0 18 kB chancestrickland, mjackson
npm/@remix-run/[email protected]2.16.2 Transitive: environment, filesystem, network +25 20.3 MB
npm/@remix-run/[email protected]2.16.2 Transitive: filesystem +9 2.12 MB
npm/@types/[email protected] None +10 2.35 MB
npm/@typescript-eslint/[email protected] Transitive: environment +9 853 kB
npm/@typescript-eslint/[email protected] Transitive: environment +6 139 kB
npm/[email protected]4.2.2 Transitive: environment, eval, filesystem, network +24 39.8 MB alexgorbatchev, bradzacher, jounqin
npm/[email protected]5.1.25 None 0 30.3 kB gorangajic, omrilotan

View full report↗︎

@socket-security Socket Security
Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSourceCI
Network access npm/@tybys/[email protected] 🚫
Network access npm/@emnapi/[email protected] 🚫

View full report↗︎

Next steps

What is network access?

This module accesses the network.

Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 21, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Mar 21, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/examples/remix-express/dependencies-70c44ea100 branch March 21, 2025 06:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blaine-arcjet blaine-arcjet

@e-moran e-moran

Assignees

@e-moran e-moran

@blaine-arcjet blaine-arcjet

Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@e-moran @blaine-arcjet